<cfparam name="groupid" default="0">

<cfif isdefined('url.doaction')>
<cfif url.doaction is 'insert'>
	<cfif form.rule_c IS 'NONE'>
    	<cfset crule = 'NONE'>
        <cfset arule = 'NONE'>
    <cfelse>
    	<cfset crule = listgetat(form.rule_c, 1)>
        <cfset arule = listgetat(form.rule_c, 2)>
	</cfif>
    <cfif len(trim(form.scriptname)) IS 0>
    	<cfset scriptrule = 'NONE'>
    </cfif>
    
    <cfquery name="qinsertrule" datasource="#request.dsn#">
    INSERT INTO core_admins_rules
    (rule_c, rule_a, userlevel, rule_script)
    VALUES
    ('#crule#', '#arule#', #form.groupid#, '#scriptrule#')
    </cfquery>
    <cflocation url="index.cfm?c=cpusers&a=permissions&groupid=#groupid#">
</cfif>
<cfif url.doaction IS 'delete'>
	<cfquery name="qdelete" datasource="#request.dsn#">
    DELETE FROM core_admins_rules
    WHERE id = <cfqueryparam value="#delid#" cfsqltype="cf_sql_integer">
    </cfquery>
</cfif>
</cfif>
<cfinvoke component="cfcs.admin.admin" method="getpermissions" groupid="#groupid#" returnvariable="qpermissions" />
<cfinvoke component="cfcs.admin.admin" method="getgroupinfo" groupid="#groupid#" returnvariable="qgroup" />
<div id="messages_hints">
<cfoutput>The <strong>#qgroup.groupname#</strong> group uses a <cfif qgroup.listtype IS 0><strong>black-list</strong><cfelse><strong>white-list</strong></cfif></cfoutput>
<br>
<cfif qgroup.listtype iS 0>A black-list will block access to the components, actions, and/or scripts specified in the list below.
<cfelse>A white-list will only allow access to the components, actions, and/or scripts specificed in the list below.
</cfif>
</div>
<table width="100%" border="0" cellspacing="0" cellpadding="6">
  <tr>
    <td colspan="4" id="columnheaders">New Rule</td>
  </tr>
  <form method="post" action="index.cfm?c=cpusers&a=permissions&doaction=insert" id="permission_addform" name="permissions_addform">
  <tr>
    <td><select name="rule_c" id="rule_c">
    	<option value="NONE" selected="selected">Select Component (and action)</option>
		<cfset qcs = application.admin_qcs>
        <cfloop query="qcs">
        	<cfoutput><option value="#qcs.name#,ALL">#qcs.name#</option></cfoutput>
        	<cfinvoke component="cfcs.common.settings" method="getcomponentactions" c="#qcs.name#" returnvariable="qas" />
            	<cfloop query="qas">
                	<cfif not qas.aval IS 'default'><cfoutput><option value="#qcs.name#,#qas.aval#">&nbsp;&nbsp;&nbsp;#qas.aval#</option></cfoutput></cfif>
                </cfloop>
        </cfloop>
    </select>    </td>
    <td>OR enter absolute path to script:</td>
    <td><input type="text" id="scriptname" name="scriptname" size="35" value=""></td>
    <td><cfoutput><input type="hidden" value="#groupid#" name="groupid" /></cfoutput>
    <input type="submit" name="abutton" id="abutton" value="Add Rule"></td>
  </tr>
  </form>
  <tr>
    <td width="20%" id="columnheaders">Compent</td>
    <td width="25%" id="columnheaders">Action</td>
    <td width="30%" id="columnheaders">Script</td>
    <td id="columnheaders">&nbsp;</td>
  </tr>
  <cfloop query="qpermissions">
  <cfoutput>
  <tr class="menu_row" onMouseOver="this.className = 'menu_row_over2';" onMouseOut="this.className = 'menu_row';">
    <td class="menu_cell">#rule_c#</td>
    <td class="menu_cell">#rule_a#</td>
    <td class="menu_cell">#rule_script#</td>
    <td class="menu_cell"><a href = "index.cfm?c=cpusers&a=permissions&doaction=delete&groupid=#groupid#&delid=#id#"><img src="images/delete.png" alt="Delete Rule" title="Delete Rule" border="0"></a></td>
  </tr>
  </cfoutput>
  </cfloop>
</table>
<cfif qpermissions.recordcount IS 0>
<div id="messages_hints">
No rules are setup for <cfoutput><strong>#qgroup.groupname#</strong> group</cfoutput>
</div>
</cfif>